You are here
Review Handling of Sensitive Data Within the School
Examine the way sensitive data, both personal and research, is currently handled within the School and to suggest ways in which this could be improved.
It is important that the School can be confident that all the requirements (both legal and as imposed by funding bodies) for the correct securing, retention and eventual disposal of secure data are being met. Not doing so opens the School up to both the threat of legal proceeding and the potential loss of research funding. This is not an easy task and has traditionally been overlooked or ignored as a consequence but it is becoming increasingly clear that this is an issue the School must address in a timely fashion.
Though there are no hard deadlines, this is something which should be done as soon as possible.
An important first step is to determine what sensitive data the School possesses. This information should be generated by the Research Data Audit project and the sensitive data audit currently under way. The Archiving Project shoudl provide details of such things as mandated retention periods and access criteria. With this information to hand, decisions can be taken as to how the School can improve its handling of sensitive data, acting in consultation with the University units such as Registry and the library.